Featured blog post

Our Fight Against Fraud

Advertising fraud is a complex and constantly changing problem for our industry. In recent weeks the impact of fraud was highlighted through findings from the IAB, Solve Media and others who confirmed that suspicious traffic from botnets and resulting click fraud is accelerating. Industry estimates confirm that as much as one third of all internet traffic can be considered fake. Depending on which report you read, it is estimated that click-fraud will cost marketers as much as $11.6 billion this year. That’s a staggering number and rising, up 23% over 2013.1

With the costs of ad fraud soaring and the industry collectively scratching its head to get ahead of the problem, I wanted to take a moment to let our advertisers and partners know how we are fighting back.

We offer brands the opportunity to connect with consumers across a wide range of devices and services, including Bing, Windows 8, MSN, Skype, Xbox and Outlook.com. This diverse portfolio of assets and the sheer number of consumers who use our products are very attractive to our brand partners, but also make us a target for bad actors. Over the years, we have developed a variety of solutions to identify and address suspicious activity across our portfolio, but as fraud becomes increasingly prevalent and complex, so too must our fraud detection solutions.

In addition to the more common types of click-fraud, we focus on preventing all types of advertising fraud across our assets, including search, display, publisher and advertiser fraud schemes. Investing in this effort “raises the bar” on cyber outlaws, requiring them to develop more sophisticated (and more costly) methods of evasion while increasing the level of protection we can provide brand partners. These efforts help ensure ads continue to be seen by actual consumers and that ads on Microsoft properties are legitimately marketing intended products and services that provide value to our end consumers. It’s a cat and mouse game.

So how do we maintain high-quality inventory and help our advertisers avoid fraud? Our efforts are directed at prevention, detection, and mitigation.

Prevention

An ounce of prevention is worth a pound of cure. In the case of fraud, prevention amounts to better quality inventory and helps reduce fake impressions and clicks. We have dedicated business and engineering teams around the globe working 24x7 to detect fraudulent activity and approach the problem from every angle.

Detection

We are continuously improving our detection methods and developing new signals that can inform our current solutions. Some of the new initiatives we have in development include:

New programmatic methods for detecting fraud based on recent investigations and behavioral signals. These methods include updates to our proprietary blocking, detection, and filtration systems to enhance a complex series of filters that automatically work to identify bots, low-quality, and/or invalid clicks that will not be billed to advertisers.

New practices for rapidly deploying “incubation” teams to detect new types of fraud.

With our partners in Microsoft Research, we have implemented a pilot solution called DECAF (DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps). The solution helps detect fraud in Windows-based mobile platforms and has already been applied to over 1,150 tablet apps and 50,000 phone apps. As online advertising in the mobile space and in-app-advertising becomes increasingly popular, in-app fraud is a growing problem. We estimate that mobile app advertisers lost nearly $1 billion (12% of mobile ad budget) in 2013 due to fraud.2 The DECAF model is one way we are working to stem the tide.

Microsoft has a rich legacy around computing security and enforcement. Results of actions such as our Digital Crime Unit’s Botnet takedowns in coordination with Microsoft Advertising represent a new opportunity for correlating known infected computers with current patterns of fraudulent traffic.

Mitigation

We have an extensive process for filtering and monitoring inventory to mitigate fraud and evaluate traffic against known fraud patterns. Our goal is to ensure our advertisers are not impacted by bad traffic and that consumers are protected from rogue ads that lend to phishing, malware and other fraudulent practices. While we know we cannot prevent every instance of fraud every time, we are continuously monitoring for traffic anomalies and take aggressive action to mitigate impact when such activity is discovered. This action ranges from requiring a traffic source to adjust an implementation, to blacklisting domains or more severe actions against larger entities.

An Industry-Wide Issue

To truly make a difference in combating this problem, it will take a collective approach. We’re working closely with other industry leaders as a member of the IAB’s Traffic of Good Intent (TOGI) task force, whose mission is to identify, understand and raise awareness of the issue of non-intentional traffic, and offer insight and recommended solutions to the digital advertising industry.

The industry needs to stay vigilant in terms of its business practices and processes. Understanding the nature of fraud and taking steps to invest in or develop solutions that help protect against its impact are critical. More broadly, we would all benefit from a concerted effort to share key learnings and findings across the digital advertising ecosystem.